When you think about which country is the world’s biggest source of Internet attacks, the usual suspects first come to mind.

The United States, perhaps, because it has the most individual IP addresses and such free-flowing Web traffic. China is always a candidate, since it has so many users and has often been accused of being behind attacks. Russia is another traditional source of attacks.

For a few hours this week, the cacophonous discourse that typically reverberates through the Russian Internet went silent when cyberattacks crippled the country’s top blogging service.

The attacks were short-lived, and it is unclear who was behind them. But they provoked such outrage here that President Dmitri A. Medvedev, who has his own Livejournal blog, personally ordered the police to look into the matter.

With nearly five million users, Livejournal is immensely popular in Russia. Invented by an American college student, and now owned by a Russian company, Livejournal differs little from such services the world over, offering large helpings of celebrity gossip and racy photos.

Yet, in a country where press freedoms and public displays of dissent have been curtailed over the years, it has also come to serve a crucial social function.

“Livejournal is actually the only uncensored, uncontrolled and unmoderated channel for discussion,” said Anton Nossik, a prominent Internet specialist and blogger. “It is equally used by all sides of our political landscape, not only by the opposition, but by the president.”

Indeed, many government ministers and governing party officials now have Livejournal blogs, and they have become the targets not only of opposition leaders, but also of cynical teenagers and the occasional disgruntled retiree.

Debates can be fierce and sometimes spill from the virtual world into the real, as when Oleg Kashin, a government critic famous for attacking officials on his Livejournal blog, was beaten nearly to death in November.

Because of restrictions on the press here, it is often up to bloggers to expose corruption and other misdeeds by the authorities. Some, like Aleksei Navalny, a prominent anticorruption crusader, have become political forces in their own right.

“For me, there are no opportunities to publish materials about corruption in, say, Gazprom or Transneft,” Mr. Navalny said, referring to Russia’s large government-owned energy companies. “Through Livejournal, I can bring this information to a few million people, which is comparable to a television audience.”

Unlike in countries like China and some other former Soviet republics, access to the Internet has largely remained unfettered in Russia. But for many, the recent cyberattacks have undermined a long-held assumption here that the Internet would remain free no matter how strictly other forms of media were controlled.

Livejournal was hit twice this week by so-called distributed-denial-of-service attacks, which take down a target’s server by overwhelming it with requests. It was attacked in a similar way on March 30.

The Web site of the opposition newspaper Novaya Gazeta was also shut down for most of Friday, reportedly by attackers.

“Bloggers have obviously begun to represent a threat to many political forces and official media outlets,” Oleg Kozyrev, a prominent blogger, wrote on Livejournal. “Those who are independent and not indifferent have sent a challenge to the swamp of corrupt officials.”

Does net neutrality prevent ISPs from managing their networks? Does it mean that an ISP cannot favor some traffic over other traffic? Does it mean that some towns or homes, perhaps in rural areas, are guaranteed equal access to networks available in more heavily populated or wealthy areas?

The term network neutrality has been used lately to refer to a number of different ideas. One is that networks should be operated without any protocol filtering. Another is that the one and only business model for an ISP is one in which there is a flat fee for unlimited access at the specified line rate. And still another is that networks should be available to all, equally, regardless of their geographic location. There may even be more ideas wedged uncomfortably into this single term’s common use.

No wonder we’re fighting!

So, does net neutrality prevent ISPs from managing their networks? Does it mean that an ISP cannot favor some traffic over other traffic? Does it mean that some towns or homes, perhaps in rural areas, are guaranteed equal access to networks available in more heavily populated or wealthy areas?

First, I don’t know anybody who argues that an ISP cannot manage its network. Monitoring for things such as link utilization and how heavily taxed packet forwarding components (routers) are over time is a normal part of operating any large network. Responding to problems found in such monitoring by adding capacity, upgrading software, or even re-designing networks, all are normal parts of network management.

The real touchy point, when it comes to network management, is whether an ISP can decide that some application traffic does not get the ‘hands-off’ treatment that the user expects — that the ISP can instead slow some traffic down or stealthily terminate some sessions based on the application protocol or the user involved, in the interest of keeping resources more available to all. If the ISP does this without transparency to its users, that isn’t network management. It’s false advertising.

Then there’s the subject of whether net neutrality allows for a business model in which some traffic is expedited. Those who oppose net neutrality because it would appear to preclude differentiated services are combining two issues in an odd way. Though I think the dishonest favoring described in the previous paragraph is ultimately a problem for users and for the development of new network services, I believe that expedited network traffic handling as a business arrangement, articulated in a service offering and an SLA and available to anyone willing to pay for it, can be a reasonable and fair business model.

Bandwidth and the consumer

The ISPs have traditionally operated more as bandwidth providers than as content providers (though some clearly want to play in both spaces going forward). The business model of being a bandwidth provider has its real challenges. There are ISP costs that really do scale with user load, but also a user community that much prefers flat-rate pricing to usage-based pricing. And as these users become consumers and producers of more rich media, global IP traffic is growing rapidly while ISP revenue, linked more closely with the number of users, is now growing much more slowly.

ISPs naturally want their network investments to serve large communities in a cost-effective way, and so count on significant statistical multiplexing. Many ISPs become concerned, quite reasonably, when network use by small numbers of resource-hungry users accounts for more than their ‘share’ of the finite resource, while the users maintain the reasonable belief that they paid for a certain amount of access bandwidth and just want to make full use of it some of the time.

In their bandwidth-provider role, ISPs have paid much attention in recent years to “file sharing” applications and users, and the response has sometimes been to manage their network to limit such use, despite not being crystal clear to their users that this is what they do. This part of the argument often gets emotional, probably in part because of the perception of illegal or immoral use of the network, and also because there are third parties who have financial interests in some of the content being shared and they are motivated to apply legal pressures. But from a strict capacity standpoint, it’s still really just a matter of finite resources and significant diversity in demand.

Can’t the users just select the ISP who will treat their traffic as they expect? Unfortunately, time has shown that the market is not organically providing this solution, at least in the consumer area.

Many neighborhoods and regions cannot support two or more bandwidth providers competing on the strength of service and price, given the investments required to operate. Providers recognize this and either select their areas of operation accordingly or “compete” only half-heartedly in some spaces. Perhaps this situation will improve over time when high bandwidth wireless options become more available as an alternative, but I’m not holding my breath.

Bandwidth and the content providers

In other cases, bandwidth providers are looking closely at legitimate content providers — businesses whose services have become popular enough to account for larger percentages of traffic on a network. These might be media companies streaming television or movie content, or gaming services supporting Massively Multiplayer Online Role-Playing Games (MMORPG). In these cases, we are seeing increased interest in additional charges on the content providers — but these content providers also have the reasonable belief that they paid for a certain amount of access bandwidth and just want to make full use of it (but perhaps more than “some of the time”).

It’s important to recognize that while the content provider’s network access will be provided by one set of ISPs, those accessing the service are likely using many other ISPs. The content, though, will travel over both networks (and likely some others in between). All of those ISP networks feel that strain. And all want to know whether there isn’t some new arrangement that can help them to cover their costs.

The response to these problems so far has been wars of words, clumsy technical responses, and poorly informed false starts in regulatory bodies. But there are real issues and they deserve serious handling.

A service I would pay for

To the ISPs, my input is please don’t “manage” your network by trying to decide which application protocols are good and which are bad, or under what conditions I can no longer use the bandwidth I think I paid to have available. If your network needs that kind of management, that should be a very clearly articulated part of the service offering. Tell users, in the form of an SLA, what the expected use is in straightforward terms. Perhaps that would involve not only access bandwidth numbers, but also permitted frequency of heavier use or even which specific protocols you will not always tolerate. Better yet, respond to conditions of congestion as a capacity problem, and in a protocol neutral way if possible.

I think I can describe what I personally want as a consumer. I don’t think I need full line rate 24/7. But when I want major bandwidth infrequently, I want to know that the bandwidth is there without limitations not previously expressed to me. I want to know that the application protocols I use are up to the end stations that make up the connection, not the hops in between. I want to know that there are no artificial barriers to my using that bandwidth, artificially ‘smoothing’ my packet rates, resetting TCP sessions, or changing IP addresses through NAT that might break some application protocols.

If I’m unlucky enough to be asking for network resources when others have already grabbed it, I lose at that moment — and I’m OK with that. To me, this is a lot like when I try for city street parking. If I get there and there are no available spaces, I understand. But I don’t want to drive down the street and see dozens of empty parking spaces that I cannot use because I’ve already parked a few times earlier this month or because my car is the wrong color.

Here are a few options for network service level agreements that I think many of us, whether individuals or businesses, could understand and live with:

* Bandwidth is bandwidth is bandwidth. An access bandwidth is provided, and best effort service is provided. Any minimal filtering that’s done is described in plain English. Example: 10Mbps service, best effort, all protocols and ports permitted except port 25 is blocked in an effort to reduce spam.

* Managed bandwidth. An access bandwidth is provided, but the consumer or corporation can expect some bandwidth limits to be imposed. Example: 100Mbps service, best effort, all protocols and ports permitted except port 25 is blocked in an effort to reduce spam. No more than 2GB per calendar week, Sunday through Saturday. Charges beyond 2GB may apply.

* Differentiated/expedited services. This one is more complex. It’s like “bandwidth is bandwidth”, but you can mark some small percentage of your traffic as priority, and the ISP will expedite handling at congested points in its own network. No guarantee beyond the ISP network. Example: 100Mbps service, best effort, all protocols and ports permitted except port 25 is blocked in an effort to reduce spam. Up to 10% of all packets offered per hour can be marked for expedited handling. Beyond 10%, charges may apply or markings may be ignored.

In that last case, a clear concern is that special handling probably ends when the traffic leaves the ISP network with which the user has the business arrangement. When these ideas were first seriously considered about a decade ago some of us imagined that initially the service would only apply in that limited scope. Later there could be ISP alliances in which their service models and terminology matched, and still later, there might be more complex peering arrangements, with or without settlements, that would allow expedited handling to be preserved as traffic crossed network boundaries. None of this materialized at the time, which I’ve taken to mean that adequate demand from the businesses of the time did not exist. Perhaps it exists now as more voice and video and online game services have come to the network.

Many additional SLAs, clear and simple and able to meet real user goals, are possible.

My preference is to solve most of these resource scarcity problems with big bandwidth when possible. If it isn’t always possible, some network complexity is a necessity, but I think it should be accompanied by clear and understandable terms of service. If I have to “pick sides”, I’m in favor of net neutrality. But unlike some zealots, there’s room in my understanding to allow for tiered services and expedited services if done in a fair, approachable, clear way, available to all.